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root@kali: ~ eo 


File Edit View Search Terminal Help 
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root@kali: - Seo 90 


File Edit View Search Terminal Help 
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nmap —p 23 10.0.0.10 


root@kali: - ~ Bom *] 


File Edit View Search Terminal Help 
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nmap —sV —p 23 10.0.0.10 


root@kali: - oR 


File Edit View Search Terminal Help 
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root@kali: ~ eo 8 98 


File Edit View Search Terminal Help 
:~# nmap -p 80 baseiran.com 


Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2017-03-24 12:06 UTC 
Nmap scan report for baseiran.com (185.55.227.88) 

Host is up (0.0034s Latency). 

rDNS record for 185.55.227.88: hosted-by.serverpars.net 

PORT STATE SERVICE 

80/tcp open http 


Nmap done: 1 IP address (1 host up) scanned in 0.40 seconds 
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root@kali: ~ eo © 8 


File Edit View Search Terminal Help 
-~# nmap -p 80 baseliran.com 


Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2017-03-24 12:06 UTC 
Nmap scan report for baseiran.com (185.55.227.88) 

Host is up (0.0034s Latency). 

rDNS record for 185.55.227.88: hosted-by.serverpars.net 

PORT STATE SERVICE 

80/tcp open http 


Nmap done: 1 IP address (1 host up) scanned in 0.40 seconds 
:-~# nmap -p 23 baseliran.com 


Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2017-03-24 12:17 UTC 
Nmap scan report for baseiran.com (185.55.227.88) 

Host is up (0.00046s Latency). 

rDNS record for 185.55.227.88: hosted-by.serverpars.net 

PORT STATE SERVICE 

23/tcp filtered telnet 


Nmap done: 1 IP address (1 host up) scanned in 2.99 seconds 
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nmap —Sv —p 80 baseiran.com 


root@kali: ~ 


File Edit View Search Terminal Help 


Nmap done: 1 IP address (1 host up) scanned in 0.40 seconds 
:~# nmap -p 23 baseiran.com 


Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2017-03-24 12:17 UTC 
Nmap scan report for baseiran.com (185.55.227.88) 

Host is up (0.00046s Latency). 

rDNS record for 185.55.227.88: hosted-by.serverpars.net 

PORT STATE SERVICE 

23/tcp filtered telnet 


Nmap done: 1 IP address (1 host up) scanned in 2.99 seconds 
:~# nmap -sV -p 80 baseiran.com 


Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2017-03-24 12:24 UTC 
Nmap scan report for baseiran.com (185.55.227.88) 

Host is up (0.0039s Latency). 

rDNS record for 185.55.227.88: hosted-by.serverpars.net 

PORT STATE SERVICE VERSION 

80/tcp open http Apache httpd 


Service detection performed. Please report any incorrect results at https://nmap 
.org/submit/ . 
Nmap done: 1 IP address (1 host up) scanned in 11.95 seconds 
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1. cd /usr/share/nmap/scripts/ 
2. Is 


root@kali: /usr/share/nmap/scripts eo 0 8 


File Edit View Search Terminal Help 


root@kali:~# cd Stl aid ber Lala 
root@kali:/usr/share/nmap/scripts# ls 
acarsd-info.nse imap-capabilities.nse 
address-info.nse imap-ntlm-info.nse 
afp-brute.nse informix-brute.nse 
afp-ls.nse informix-query.nse 
afp-path-vuln.nse informix-tables.nse 
afp-serverinfo.nse ip-forwarding.nse 
afp-showmount.nse ip-geolocation-geobytes.nse 
ip-geolocation-geoplugin.nse 
ip-geolocation-ipinfodb.nse 
ip-geolocation-maxmind.nse 
ajp-methods.nse ip-https-discover.nse 
ajp-request.nse ipidseq.nse 
allseeingeye-info.nse ipv6-multicast-mld-list.nse 
amqp-info.nse ipv6-node-info.nse 
asn-query.nse ipv6-ra-flood.nse 
auth-owners.nse irc-botnet-channels.nse 
auth-spoof.nse irc-brute.nse 
backorifice-brute.nse irc-info.nse 
backorifice-info.nse irc-sasl-brute.nse 
bacnet-info.nse irc-unrealircd-backdoor.nse 
banner.nse iscsi-brute.nse 
bitcoin-getaddr.nse iscsi-info.nse 
bitcoin-info.nse isns-info.nse 
bitcoinrpc-info.nse jdwp-exec.nse 
bittorrent-discovery.nse -info.nse 


aJnB discover.nse -inject.nse 
hroadcact-atana-dicronver nce idwn-varcinn nce ° 





cul (IMAP SCript ENZINE) are AF Votive opSS NSE gw b AS tae cole pls le cw Sul cyl 


SleMbl g http « arcls SK 4p bar yo GleMb| Mio su (ooh Glaylf be Cy Sul cpl jl ool L wletee Lad 
a yly Cuwds y5d)90 Cylo Gg jI ly 6549 Laliore 


Mio « piSuc |ol gy la Cu Sul jl (SO a9 jG & ata AMAP Colm Cy Sul j) orld! oly 


nmap --script whois-domain baseiran.com 


root@kali: /usr/share/nmap/scripts 6&6 © 8 
File Edit View Search Terminal Help 


whois-domain: 


Domain name record found at whois.yoursrs.com 
Domain Name: baseiran.com 

Registry Domain ID: 2040071030 DOMAIN COM-VRSN 
Registrar WHOIS Server: whois.yoursrs.com 
Registrar URL: http://www.realtimeregister.com 
Updated Date: 2017-03-15T19:55:42Z 

Creation Date: 2016-07-057T08:51:152Z 

Registrar Registration Expiration Date: 2017-07-05T08:51:152Z 
Registrar: REALTIME REGISTER B.V. 

Registrar IANA ID: 839 

Reseller: Base iran Co 


Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhib 


Domain Status: ok http://www.icann.org/epp#ok 
Registry Registrant ID: Not Available From Registry 
Registrant Name: baseiran 

Registrant Organization: Base iran Co 

Registrant Street: Azadi sq , Base iran Co 
Registrant City: Sanandaj 

Registrant State/Province: Kurdistan 

Registrant Postal Code: 6613713951 

Registrant Country: IR 

Registrant Phone: +98.8700000000 

Registrant Phone Ext: 

Registrant Fax: . 
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nmap -Pn -sn --script whois-domain baseiran.com 


root@kali: /usr/share/nmap/scripts o& © O 


File Edit View Search Terminal Help 
:/usr/share/nmap/scripts# nmap -Pn -sn --script whois-domain baseiran.com “ 


Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2017-03-24 12:57 UTC 
Nmap scan report for baseiran.com (185.55.227.88) 

Host iS up. 

rDNS record for 185.55.227.88: hosted-by.serverpars.net 


Host script results: 
whois-domain: 


| Domain name record found at whois.yoursrs.com 

| Domain Name: baseiran.com 

| Registry Domain ID: 2040071030 DOMAIN COM-VRSN 

| Registrar WHOIS Server: wholis.yoursrs.com 

| Registrar URL: http://www.realtimeregister.com 

| Updated Date: 2017-03-151T19:55:422Z 

| Creation Date: 2016-07-051T08:51:15Z 

| Registrar Registration Expiration Date: 2017-07-051T08:51:15Z 
| Registrar: REALTIME REGISTER B.V. 

| Registrar IANA ID: 839 

| Reseller: Base iran Co 

| Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhib 
ited 

| Domain Status: ok http://www. icann.org/epp#ok 

| Registry Registrant ID: Not Available From Registry 

| Registrant Name: baseiran 

| Registrant Organization: Base iran Co 

| Registrant Street: Azadi sq , Base iran Co 

| Rea: ewe 
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whois baseiran.com 


root@kali: ~ 6 ® 8 
File Edit View Search Terminal Help 
root@kali:~# whois baseiran.com 


Whois Server Version 2.0 


Domain names in the .com and .net domains can now be registered 
with many different competing registrars. Go to http://www.internic.net 
for detailed information. 


Domain Name: BASEIRAN.COM 

Registrar: REALTIME REGISTER BV 

Sponsoring Registrar IANA ID: 839 

Whois Server: whois.yoursrs.com 

Referral URL: http://www.realtimeregister.com 
Name Server: IRNS55.SERVERPARS. COM 

Name Server: IRNS56.SERVERPARS. COM 

Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited 
Updated Date: 15-mar-2017 

Creation Date: 05-jul-2016 

Expiration Date: 05-jul-2017 


>>> Last update of whois database: Fri, 24 Mar 2017 08:56:37 GMT <<< 


For more information on Whois status codes, please visit https://icann.org/epp 


NOTICE: The expiration date displayed in this record is the date the 
registrar's sponsorship of the domain name registration in the registry is 
currently set to expire. This date does not necessarily reflect the expiration 


date of the domain name registrant's agreement with the sponsoring 
ranictrar licarc mav conciult the cnoncorinn ranictrar'c Whnic datahace tno 
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dnsenum baseiran.com 


root@kali: ~ 000 
File Edit View Search Terminal Help 


:~# dnsenum baseiran.com 
dnsenum.pl VERSION:1.2.3 


baseiran.com. 185.55.227.88 


irns55.serverpars.com. 111252 185.55.227.86 
irns56.serverpars.com. 111252 185.55.227.87 


baseiran.com. 185.55.227.88 


Trying Zone Transfer for baseiran.com on irns55.serverpars.com ... 
AXFR record query failed: REFUSED 


Trying Zone Transfer for baseiran.com on irns56.serverpars.com ... 
AXFR record query failed: REFUSED 


brute force file not specified, bay. 
:~# 
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root@kali: ~ 6 ® Qo 
File Edit View Search Terminal Help 


fb.mail.gandi.net. 217.70.184. 
Tb.mail.gandi.net. 217.70.184. 
Tb.mail.gandi.net. 217.70.184. 
spool.mail.gandi.net. 217.70.184. 





Transfer for megacorpone.com on ns2.megacorpone.com ... 

.com. Pao)! PAO] 0) SOA 

.com. 259200 

oe) Pea} PAO] 0) 

.com. 259200 

ee) 259200 

.com. Pa}! VA010) nsl.megacorpone.com. 

.com. 259200 ns2.megacorpone.com. 

.com. Pea) PAO] 0) ns3.megacorpone.com. 
admin.megacorpone.com. 259200 .100.193. 
beta.megacorpone.com. 259200 .100.193. 
fsl1.megacorpone.com. sls Sa Fes 
intranet.megacorpone.com. .100.193. 
mail.megacorpone.com. 
mail2.megacorpone.com. 
nsl.megacorpone.com. 259200 
ns2.megacorpone.com. Pea) VA010) 
ns3.megacorpone.com. Pa)! VAC] 0) 
router.megacorpone.com. Pee) VA0]0) 
siem.megacorpone.com. 259200 
snmp.megacorpone.com. Pao) VAC] 0) 
support.megacorpone.com. 259200 
syslog.megacorpone.com. 259200 
test.megacorpone.com. Pea) VAC] 0) 
vpn.megacorpone.com. 259200 
www.megacorpone.com. Pao) VAC] 0) 
Wwww2.megacorpone.com. Pea}! VA010) 


38.100.193. 
173.246.47. 
38.100.193. 
38.166.193. 
38.100.193. 
38.100.193. 
38.100.193. 
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dmitry -wnpb megacorpone.com 


root@kali: ~ 68 8 
File Edit View Search Terminal Help 
unsolicited, commercial advertising or solicitations via e-mail, telephone, 
or facsimile; or (2) enable high volume, automated, electronic processes 
that apply to VeriSign (or its computer systems). The compilation, 
repackaging, dissemination or other use of this Data is expressly 
prohibited without the prior written consent of VeriSign. You agree not to 
use electronic processes that are automated and high-volume to access or 
query the Whois database except as reasonably necessary to register 
domain names or modify existing registrations. VeriSign reserves the right 
to restrict your access to the Whois database in its sole discretion to ensure 
operational stability. VeriSign may restrict or terminate your access to the 
Whois database for failure to abide by these terms of use. VeriSign 
reserves the right to modify these terms at any time. 


The Registry database contains ONLY .COM, .NET, .EDU domains and 
Registrars. 


Gathered Netcraft information for megacorpone.com 
Retrieving Netcraft.com information for megacorpone.com 
Netcraft.com Information gathered 


Gathered TCP Port information for 38.100.193.76 


p 
>> SSH-2.0-OpenSSH 6.0p1 Debian-3ubuntul.2 
80/tcp open 


Portscan Finished: Scanned 150 ports, 147 ports were in state closed 


All scans completed, exiting 
ee 
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fierce -dns baseiran.com 


root@kali: ~ 6 ® Qo 
File Edit View Search Terminal Help 
rootekali:-~# fierce -dns baseiran.com 
DNS Servers for baseiran.com: 
irns55.serverpars.com 
irns56.serverpars.com 


Trying zone transfer first... 
Testing irns55.serverpars.com 
Request timed out or transfer not allowed. 
Testing irns56.serverpars.com 
Request timed out or transfer not allowed. 


UnsuccessTul in zone transfer (it was worth a shot) 
Okay, trying the good old fashioned way... brute force 


Checking Tor wildcard DNS... 
. Good. 

performing 2280 test(s)... 
.95.22/7.88 ftp.baseiran.com 
ane OF mail. baseiran. com 
.99.227,86 my.baseiran. com 

foe be pat ag dete t= whois.baselran.com 
.95.227.88  Www.baseiran.com 


Subnets found (may want to probe here using nmap or unicornscan): 
185.55.22/7.0-255 : 5 hostnames found. 


Done with Fierce scan: http://ha.ckers.org/fierce/ 
Found 5 entries. 


Have a nice day. 
root@kali:~# J 
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theharvester -d baseiran.com -| 300 -b google 


root@kali: ~ =] Q 
File Edit View Search Terminal Help 
* TheHarvester Ver. 2./ * 
* Coded by Christian Martorella * 
* Edge-Security Research * 
* cmartorelLla@edge-security.com * 
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[-] Searching in Google: 
Searching 0 results... 
Searching 100 results... 
Searching 200 results... 
Searching 300 results... 


[+] Emails found: 


info@baseiran. com 
domain@baseiran.com 


[+] Hosts found in search engines: 


[-] Resolving hostnames IPs... 
185.55.22/7.88:whois.baseiran. com 
185.55.227.88:www.baselran. com 
root@kali:~# Jj 
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root@kali: ~ S @ 
File Edit View Search Terminal Help 
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* TheHarvester Ver. 2.7 

* Coded by Christian Martorella 

* Edge-Security Research 

* cmartorella@edge-security.com 
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[-] Searching in Linkedin.. 
Searching 100 results... 
Searching 200 results... 
Searching 300 results... 

Users Trom Linkedin: 


Dr.Alireza Emami 
Omid Enssani 

Hadi Taghizadeh 
Maryam Shirinzadeh 
Anoop Kumar M 5S 
root@kali:~# Jj 
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